Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-120
Total 1596 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-3033 2 Google, Opensuse 2 Chrome, Opensuse 2020-04-16 7.5 HIGH N/A
Buffer overflow in Skia, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2015-7747 3 Audio File Library Project, Canonical, Fedoraproject 3 Audio File Library, Ubuntu Linux, Fedora 2020-04-13 6.8 MEDIUM 8.8 HIGH
Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c.
CVE-2015-5524 1 Google 1 Android 2020-04-13 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with KK(4.4) and later software through 2015-05-13. There is a buffer overflow in datablock_write because the amount of received data is not validated. The Samsung ID is SVE-2015-4018 (December 2015).
CVE-2020-10814 1 Codeblocks 1 Code\ 2020-04-10 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in Code::Blocks 17.12 allows an attacker to execute arbitrary code via a crafted project file.
CVE-2018-21044 1 Google 1 Android 2020-04-09 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.0) software. The sem Trustlet has a buffer overflow that leads to arbitrary TEE code execution. The Samsung IDs are SVE-2018-13230, SVE-2018-13231, SVE-2018-13232, SVE-2018-13233 (December 2018).
CVE-2018-21090 1 Google 1 Android 2020-04-09 10.0 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with software through 2017-11-03 (S.LSI modem chipsets). The Exynos modem chipset has a baseband buffer overflow. The Samsung ID is SVE-2017-10745 (January 2018).
CVE-2018-21050 1 Google 1 Android 2020-04-09 10.0 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is a Buffer overflow in the esecomm Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12852 (October 2018).
CVE-2018-21066 1 Google 1 Android 2020-04-09 10.0 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with M(6.0) (Exynos or MediaTek chipsets) software. There is a buffer overflow in a Trustlet that can cause memory corruption. The Samsung ID is SVE-2018-11599 (July 2018).
CVE-2018-21064 1 Google 1 Android 2020-04-09 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. There is an array overflow in a driver's input booster. The Samsung ID is SVE-2017-11816 (August 2018).
CVE-2005-1987 1 Microsoft 4 Exchange Server, Windows 2000, Windows Server 2003 and 1 more 2020-04-09 7.5 HIGH N/A
Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
CVE-2017-18681 1 Samsung 2 Galaxy S5, Galaxy S5 Firmware 2020-04-08 10.0 HIGH 9.8 CRITICAL
An issue was discovered on Samsung Galaxy S5 mobile devices with software through 2016-12-20 (Qualcomm AP chipsets). There are multiple buffer overflows in the bootloader. The Samsung ID is SVE-2016-7930 (March 2017).
CVE-2017-18691 2 Google, Samsung 2 Android, Exynos 8890 2020-04-08 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos8890 chipsets) software. There are multiple Buffer Overflows in TSP sysfs cmd_store. The Samsung ID is SVE-2016-7500 (January 2017).
CVE-2017-18690 2 Google, Samsung 9 Android, Exynos 5410, Exynos 5420 and 6 more 2020-04-08 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) (Exynos54xx, Exynos7420, Exynos8890, or Exynos8895 chipsets) software. There is a buffer overflow in the sensor hub. The Samsung ID is SVE-2016-7484 (January 2017).
CVE-2017-18693 1 Google 1 Android 2020-04-08 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. There is a buffer overflow in the fps sysfs entry. The Samsung ID is SVE-2016-7510 (January 2017).
CVE-2017-18660 1 Google 1 Android 2020-04-08 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer overflow in tlc_server. The Samsung ID is SVE-2017-8888 (July 2017).
CVE-2017-18661 1 Google 1 Android 2020-04-08 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer overflow in process_cipher_tdea. The Samsung ID is SVE-2017-8973 (July 2017).
CVE-2020-5734 1 Solarwinds 1 Dameware 2020-04-07 4.3 MEDIUM 7.5 HIGH
Classic buffer overflow in SolarWinds Dameware allows a remote, unauthenticated attacker to cause a denial of service by sending a large 'SigPubkeyLen' during ECDH key exchange.
CVE-2020-8423 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2020-04-06 9.0 HIGH 7.2 HIGH
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network.
CVE-2020-10599 1 Visam 2 Vbase Editor, Vbase Web-remote 2020-04-06 7.5 HIGH 9.8 CRITICAL
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow a vulnerable ActiveX component to be exploited resulting in a buffer overflow, which may lead to a denial-of-service condition and execution of arbitrary code.
CVE-2020-10595 2 Debian, Pam-krb5 Project 2 Debian Linux, Pam-krb5 2020-04-03 7.5 HIGH 9.8 CRITICAL
pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a single '\0' byte if an attacker responds to a prompt with an answer of a carefully chosen length. The effect may range from heap corruption to stack corruption depending on the structure of the underlying Kerberos library, with unknown effects but possibly including code execution. This code path is not used for normal authentication, but only when the Kerberos library does supplemental prompting, such as with PKINIT or when using the non-standard no_prompt PAM configuration option.